--- dia-0.94/plug-ins/xfig/xfig.h.sec 2004-08-16 01:56:21.000000000 -0600
+++ dia-0.94/plug-ins/xfig/xfig.h 2006-03-30 11:07:01.325800661 -0700
@@ -6,6 +6,7 @@
#define FIG_MAX_DEFAULT_COLORS 32
#define FIG_MAX_USER_COLORS 512
+#define FIG_MAX_DEPTHS 1000
/* 1200 PPI */
#define FIG_UNIT 472.440944881889763779527559055118
/* 1/80 inch */
--- dia-0.94/plug-ins/xfig/xfig-import.c.sec 2004-08-16 01:56:21.000000000 -0600
+++ dia-0.94/plug-ins/xfig/xfig-import.c 2006-03-30 11:32:51.439825884 -0700
@@ -441,11 +441,17 @@
static Color
fig_color(int color_index)
{
- if (color_index == -1)
+ if (color_index <= -1)
return color_black; /* Default color */
- if (color_index < FIG_MAX_DEFAULT_COLORS)
+ else if (color_index < FIG_MAX_DEFAULT_COLORS)
return fig_default_colors[color_index];
- else return fig_colors[color_index-FIG_MAX_DEFAULT_COLORS];
+ else if (color_index < FIG_MAX_USER_COLORS)
+ return fig_colors[color_index-FIG_MAX_DEFAULT_COLORS];
+ else {
+ message_error(_("Color index %d too high, only 512 colors allowed. Using black instead."),
+ color_index);
+ return color_black;
+ }
}
static Color
@@ -563,23 +569,24 @@
static int
fig_read_n_points(FILE *file, int n, Point **points) {
int i;
- Point *new_points;
-
- new_points = (Point*)g_malloc(sizeof(Point)*n);
+ GArray *points_list = g_array_sized_new(FALSE, FALSE, sizeof(Point), n);
for (i = 0; i < n; i++) {
int x,y;
+ Point p;
if (fscanf(file, " %d %d ", &x, &y) != 2) {
message_error(_("Error while reading %dth of %d points: %s\n"),
i, n, strerror(errno));
- free(new_points);
+ g_array_free(points_list, TRUE);
return FALSE;
}
- new_points[i].x = x/FIG_UNIT;
- new_points[i].y = y/FIG_UNIT;
+ p.x = x/FIG_UNIT;
+ p.y = y/FIG_UNIT;
+ g_array_append_val(points_list, p);
}
fscanf(file, "\n");
- *points = new_points;
+ *points = (Point *)points_list->data;
+ g_array_free(points_list, FALSE);
return TRUE;
}
@@ -683,7 +690,7 @@
return text_buf;
}
-static GList *depths[1000];
+static GList *depths[FIG_MAX_DEPTHS];
/* If there's something in the compound stack, we ignore the depth field,
as it will be determined by the group anyway */
@@ -693,6 +700,26 @@
level. Best we can do now. */
static int compound_depth;
+/** Add an object at a given depth. This function checks for depth limits
+ * and updates the compound depth if needed.
+ *
+ * @param newobj An object to add. If we're inside a compound, this
+ * doesn't really add the object.
+ * @param depth A depth as in the Fig format, max 999
+ */
+static void
+add_at_depth(DiaObject *newobj, int depth) {
+ if (depth < 0 || depth >= FIG_MAX_DEPTHS) {
+ message_error(_("Depth %d of of range, only 0-%d allowed.\n"),
+ depth, FIG_MAX_DEPTHS-1);
+ depth = FIG_MAX_DEPTHS - 1;
+ }
+ if (compound_stack == NULL)
+ depths[depth] = g_list_append(depths[depth], newobj);
+ else
+ if (compound_depth > depth) compound_depth = depth;
+}
+
static DiaObject *
fig_read_ellipse(FILE *file, DiagramData *dia) {
int sub_type;
@@ -749,10 +776,7 @@
/* Angle -- can't rotate yet */
/* Depth field */
- if (compound_stack == NULL)
- depths[depth] = g_list_append(depths[depth], newobj);
- else
- if (compound_depth > depth) compound_depth = depth;
+ add_at_depth(newobj, depth);
return newobj;
}
@@ -885,10 +909,7 @@
/* Cap style */
/* Depth field */
- if (compound_stack == NULL)
- depths[depth] = g_list_append(depths[depth], newobj);
- else
- if (compound_depth > depth) compound_depth = depth;
+ add_at_depth(newobj, depth);
exit:
prop_list_free(props);
g_free(forward_arrow_info);
@@ -1111,10 +1132,7 @@
/* Cap style */
/* Depth field */
- if (compound_stack == NULL)
- depths[depth] = g_list_append(depths[depth], newobj);
- else
- if (compound_depth > depth) compound_depth = depth;
+ add_at_depth(newobj, depth);
exit:
prop_list_free(props);
g_free(forward_arrow_info);
@@ -1202,10 +1220,7 @@
/* Cap style */
/* Depth field */
- if (compound_stack == NULL)
- depths[depth] = g_list_append(depths[depth], newobj);
- else
- if (compound_depth > depth) compound_depth = depth;
+ add_at_depth(newobj, depth);
exit:
g_free(forward_arrow_info);
@@ -1298,10 +1313,7 @@
newobj->ops->set_props(newobj, props);
/* Depth field */
- if (compound_stack == NULL)
- depths[depth] = g_list_append(depths[depth], newobj);
- else
- if (compound_depth > depth) compound_depth = depth;
+ add_at_depth(newobj, depth);
exit:
if (text_buf != NULL) free(text_buf);
@@ -1346,6 +1358,12 @@
message_error(_("Couldn't read color: %s\n"), strerror(errno));
return FALSE;
}
+
+ if (colornumber < 32 || colornumber > FIG_MAX_USER_COLORS) {
+ message_error(_("Color number %d out of range 0..%d. Discarding color.\n"),
+ colornumber, FIG_MAX_USER_COLORS);
+ return FALSE;
+ }
color.red = ((colorvalues & 0x00ff0000)>>16) / 255.0;
color.green = ((colorvalues & 0x0000ff00)>>8) / 255.0;
@@ -1393,7 +1411,7 @@
}
/* Group extends don't really matter */
if (compound_stack == NULL)
- compound_depth = 999;
+ compound_depth = FIG_MAX_DEPTHS - 1;
compound_stack = g_slist_append(compound_stack, NULL);
return TRUE;
break;
@@ -1551,7 +1569,7 @@
for (i = 0; i < FIG_MAX_USER_COLORS; i++) {
fig_colors[i] = color_black;
}
- for (i = 0; i < 1000; i++) {
+ for (i = 0; i < FIG_MAX_DEPTHS; i++) {
depths[i] = NULL;
}
@@ -1606,7 +1624,7 @@
} while (TRUE);
/* Now we can reorder for the depth fields */
- for (i = 0; i < 1000; i++) {
+ for (i = 0; i < FIG_MAX_DEPTHS; i++) {
if (depths[i] != NULL)
layer_add_objects_first(dia->active_layer, depths[i]);
}
